The Information Security Manager (ISM) shall be responsible for preparing, maintaining and communicating IT Security Policies & Procedures throughout the organization.
Being the administrative head of the Security Organization Structure, he serves as the focal point for deciding on all information security issues and is also responsible for creating security awareness in TMG.
- Manage the timely resolution of all issues and questions regarding responsibilities for IT security management in TMG that relate to achieving and maintaining full compliance with the IT Security Policies and Procedures.
- Ensure that responsibilities are defined and that procedures are in effect to promptly detect, investigate, report and resolve IT security incidents in TMG.
- Ensure that ongoing information security awareness education and training is provided to all TMG's employees.
- Seek legal guidance and initiate legal proceedings on behalf of TMG in case of illegal data loss or hacking from or in any of TMG's information systems.
- Support the risk management process by analysing threats to the computing environment.
- Approve third party connectivity to TMG's computing resources.
- Authorise and decide on new security products to be implemented across the TMG's.
- Receive exception requests from users and coordinate with the ISF to initiate protective and corrective measures if a security problem is discovered.
- Prepare security procedures for monitoring the IT infrastructure in TMG (e.g., WAN, LAN etc.), including procedures for monitoring and reacting to system security warning messages and reports.
- Ensure that the physical security staff is adequately trained to meet the security requirements of TMG's.
- In co-ordination with Internal Audit Team, incorporate appropriate procedures in the routine audit checks to verify the compliance to the IT Security Policy and Procedures and detect incidents.